nanog mailing list archives
Re: Arguing against using public IP space
From: Ray Soucy <rps () maine edu>
Date: Tue, 15 Nov 2011 13:32:48 -0500
On Tue, Nov 15, 2011 at 5:57 AM, Leigh Porter <leigh.porter () ukbroadband com> wrote:
As somebody else mentioned on this thread, a NAT box with private space on one side fails closed.
This is a myth; just like NAT provides security is a myth. It doesn't matter if your firewall performs NAT or not; if it fails, traffic will more than likely stop flowing. The conditions for a non-NAT firewall to fail open are very specific. You often need to engineer it to have that functionality. Either type of firewall system can be designed to fail open or fail closed. -- Ray Soucy Epic Communications Specialist Phone: +1 (207) 561-3526 Networkmaine, a Unit of the University of Maine System http://www.networkmaine.net/
Current thread:
- Re: Arguing against using public IP space, (continued)
- Re: Arguing against using public IP space Mark Andrews (Nov 15)
- Re: Arguing against using public IP space Jay Ashworth (Nov 15)
- Re: Arguing against using public IP space Mark Andrews (Nov 15)
- Re: Arguing against using public IP space Owen DeLong (Nov 16)
- Re: Arguing against using public IP space -Hammer- (Nov 16)
- Re: Arguing against using public IP space Owen DeLong (Nov 16)
- Re: Arguing against using public IP space Ray Soucy (Nov 16)
- Re: Arguing against using public IP space -Hammer- (Nov 16)
- Re: Arguing against using public IP space Jay Ashworth (Nov 15)
- Re: Arguing against using public IP space Owen DeLong (Nov 15)
- Re: Arguing against using public IP space Ray Soucy (Nov 15)
- Re: Arguing against using public IP space Phil Regnauld (Nov 13)
- Re: Arguing against using public IP space Jay Ashworth (Nov 13)
- Re: Arguing against using public IP space Jeff Kell (Nov 13)
- Re: Arguing against using public IP space Cameron Byrne (Nov 13)
- Re: Arguing against using public IP space Robert Bonomi (Nov 13)
- Re: Arguing against using public IP space Jay Ashworth (Nov 13)
- Re: Arguing against using public IP space Jeroen van Aart (Nov 14)
- Re: Arguing against using public IP space William Herrin (Nov 15)
- Re: Arguing against using public IP space Michael Sinatra (Nov 15)
- Re: Arguing against using public IP space Owen DeLong (Nov 15)